Open AccessProceedings Article
Load shedding in network monitoring applications
Pere Barlet-Ros,Gianluca Iannaccone,Josep Sanjuàs-Cuxart,Diego Amores-López,Josep Solé-Pareta +4 more
- pp 5
TLDR
The design and evaluation of a system that can shed excess load in the presence of extreme traffic conditions, while maintaining the accuracy of the traffic queries within acceptable levels are presented.Abstract:
Monitoring and mining real-time network data streams is crucial for managing and operating data networks. The information that network operators desire to extract from the network traffic is of different size, granularity and accuracy depending on the measurement task (e.g., relevant data for capacity planning and intrusion detection are very different). To satisfy these different demands, a new class of monitoring systems is emerging to handle multiple arbitrary and continuous traffic queries. Such systems must cope with the effects of overload situations due to the large volumes, high data rates and bursty nature of the network traffic.
In this paper, we present the design and evaluation of a system that can shed excess load in the presence of extreme traffic conditions, while maintaining the accuracy of the traffic queries within acceptable levels. The main novelty of our approach is that it is able to operate without explicit knowledge of the traffic queries. Instead, it extracts a set of features from the traffic streams to build an on-line predictionmodel of the query resource requirements. This way the monitoring system preserves a high degree of flexibility, increasing the range of applications and network scenarios where it can be used.
We implemented our scheme in an existing network monitoring system and deployed it in a research ISP network. Our results show that the system predicts the resources required to run each traffic query with errors below 5%, and that it can efficiently handle extreme load situations, preventing uncontrolled packet losses, with minimum impact on the accuracy of the queries' results.read more
Citations
More filters
Journal ArticleDOI
Analysis of the impact of sampling on NetFlow traffic classification
TL;DR: This paper analyzes the performance of current ML methods with NetFlow by adapting a popular ML-based technique and proposes a solution to network operators that is able to operate with Sampled NetFlow data and achieve good accuracy in the presence of sampling.
Journal ArticleDOI
LISP-TREE: A DNS Hierarchy to Support the LISP Mapping System
TL;DR: This paper presents a new mapping system: LISP-TREE, based on DNS and has a similar hierarchical topology: blocks of identifiers are assigned to the levels of the hierarchy by following the current IP address allocation policies.
Proceedings Article
Mantis: automatic performance prediction for smartphone applications
Yongin Kwon,Sangmin Lee,Hayoon Yi,Donghyun Kwon,Seungjun Yang,Byung-Gon Chun,Ling Huang,Petros Maniatis,Mayur Naik,Yunheung Paek +9 more
TL;DR: This work presents Mantis, a framework for predicting the performance of Android applications on given inputs automatically, accurately, and efficiently that synergistically combines techniques from program analysis and machine learning.
Proceedings ArticleDOI
Improving the accuracy of network intrusion detection systems under load using selective packet discarding
TL;DR: The experiments show that selective packet discarding significantly improves the detection accuracy of Snort under increased traffic load, allowing it to detect attacks that would have otherwise been missed.
Journal ArticleDOI
A scalable, efficient and informative approach for anomaly-based intrusion detection systems: theory and practice
TL;DR: The proposed approach is very effective in detecting and classifying anomalies, and in providing information by extracting the culprit flows with a high level of accuracy.
References
More filters
Book
Numerical Recipes in C: The Art of Scientific Computing
TL;DR: Numerical Recipes: The Art of Scientific Computing as discussed by the authors is a complete text and reference book on scientific computing with over 100 new routines (now well over 300 in all), plus upgraded versions of many of the original routines, with many new topics presented at the same accessible level.
Journal ArticleDOI
Space/time trade-offs in hash coding with allowable errors
TL;DR: Analysis of the paradigm problem demonstrates that allowing a small number of test messages to be falsely identified as members of the given set will permit a much smaller hash area to be used without increasing reject time.
Journal ArticleDOI
The Tragedy of the Commons
TL;DR: The tragedy of the commons as a food basket is averted by private property, or something formally like it as mentioned in this paper, which is why the commons, if justifiable at all, is justifiable only under conditions of low-population density.
Book
Data networks
TL;DR: Undergraduate and graduate classes in computer networks and wireless communications; undergraduate classes in discrete mathematics, data structures, operating systems and programming languages.